As Cyber Security Engineer, you will play a key role tosupport the mission of managing the security of the ICRC information systems in AFRICA Region, according to institutional expectations and work closely with other cybersecurity experts and diverse teams of IT professionals worldwide. In addition, contribute to the overall delivery of the institutional cyber security strategy with knowledge, experience, technical expertise and situational awareness over the broad range of the cyber security domains.
We look forward to hearing from you to help support our humanitarian action worldwide.
Tasks and responsibilities
Support the Security Operation Center coordinator and CISO function in the delivery of the overall ICRC cyber security strategy.
Cyber security incident response:
Provide cyber security incident handling assistance to ICRC constituents and support teams
Disseminate incident-related information to constituents and concerned parties via the given process, tooling and communication channels
Appropriately preserve evidence from impacted computing environments
Ensure containment, eradication and recovery tasks are appropriately performed
Escalate unresolved, persistent or repetitive cases to SOC Coordinator
Vulnerabilities management:
Support operation of the global vulnerability management process
Coordinate remediation activities
Validate and verify remediation activities
Escalate unresolved, persistent or repetitive vulnerabilities to SOC Coordinator
Technical support for security local/regional projects, Feasibility Studies, Out of Catalog requests and other similar initiatives.
On Demand security assessment in delegations.
Local support during forensic activities.
Point of contact for security questions at the regional level.
Contribution to user awareness (communities/newsletter, cyber security events, etc.).
Security dashboard follow-up and reporting.
Enforcement (compliance with ICT security policies).
Minimum Requirements and competencies
A University degree in Computer Science, Engineering or related field (with major in security is an asset),
Minimum 4 years of relevant professional experience related to enterprise IT security operations,
Certification relevant to computer network defence such as SANS GIAC, CEH, Security+ and/or Offensive Security is an asset;
Ability to manage workflows within dedicated case management and common service management tooling.
Working knowledge with common desktop,server and mobile OS, container technology, databases and network administration/management.
Working knowledge of OSI network stack including major IPv4/IPv6 protocols using TCP/UDP including SMTP, HTTP, DNS, SNMP, LDAP etc.
Familiarity with core FOSS tools (e.g.: tcpdump, Wireshark) is an asset.
Basic knowledge of core crypto solutions including AES, RSA, DH, SHA, Kerberos, NTLMv2, TLS, OpenSSL.
Basic knowledge of enterprise security architecture and engineering, security frameworks (NIST, ISO, ENISA, etc.) and digital forensics.
Solid sense of integrity, limits and understanding of the overall SOC organisation and wider mission.
Ability to work in English (written and spoken). French and/or Spanish is an asset.
Experience in technical security assessment
go to method of application »
The interested candidates should fill up a form by clicking the link below on or before 16th February 2023 at 4:30 pm then submit their CV, motivation letter, including references details, supporting documents (Certificates, Diplomas, Degree etc) and current and expected remuneration to ICRC Nairobi Delegation, HR Department via the email address provided below: E-mail: nai_hrrec_services@icrc.org
Apply via :
nai_hrrec_services@icrc.org
Leave a Reply